Our latest release includes an important performance bugfix for React.lazy. Although there are no API changes, we’re releasing it as a minor instead of a patch.

Why Is This Bugfix a Minor Instead of a Patch?

React follows semantic versioning. Typically, this means that we use patch versions for bugfixes, and minors for new (non-breaking) features. However, we reserve the option to release minor versions even if they do not include new features. The motivation is to reserve patches for changes that have a very low chance of breaking. Patches are the most important type of release because they sometimes contain critical bugfixes. That means patch releases have a higher bar for reliability. It’s unacceptable for a patch to introduce additional bugs, because if people come to distrust patches, it compromises our ability to fix critical bugs when they arise — for example, to fix a security vulnerability.

Ok, so after considering the alternatives we'll have to make a choice and looks like we'll go with something like the original proposals.

Thanks to feedback and lots of testing we have a few actionable items that we'll need to address before releasing:

useMutationEffect isn't that useful today because refs aren't resolved by the time it fires. We'll need to fix that somehow.

useImperativeMethods needs a new name that doesn't imply use of virtual dispatch style methods. E.g. for use with opaque handles such as strings or numbers.

useCallback still has some unfortunate properties where it still returns a new function handle too much. It's probably a better idea to just useReducer instead anyway which doesn't suffer from this as much. We might want to replace useCallback or add something in addition to it that optimizes for dispatching lazily. This was a known problems but the alternatives either doesn't work in a consistent way in ConcurrentMode, or adds lots of weight to the commit phase which works against ConcurrentMode, so whatever the idea for the replacement is probably doesn't exist yet.

This article describes the effect of scroll bouncing and how it works on different web browsers. It contains reviews of several different solutions that are suggested on the web that can be used to prevent scroll bouncing. The CSS property,

We discovered a minor vulnerability that might affect some apps using ReactDOMServer. We are releasing a patch version for every affected React minor release so that you can upgrade with no friction. Read on for more details.

Short Description

Today, we are releasing a fix for a vulnerability we discovered in the react-dom/server implementation. It was introduced with the version 16.0.0 and has existed in all subsequent releases until today.

This vulnerability can only affect some server-rendered React apps. Purely client-rendered apps are not affected. Additionally, we expect that most server-rendered apps don’t contain the vulnerable pattern described below. Nevertheless, we recommend to follow the mitigation instructions at the earliest opportunity.

The latest minor release adds support for an oft-requested feature: pointer events!

It also includes a bugfix for getDerivedStateFromProps. Check out the full changelog below.

Pointer Events

The following event types are now available in React DOM:

onPointerDown

onPointerMove

onPointerUp

onPointerCancel

onGotPointerCapture

onLostPointerCapture

onPointerEnter

onPointerLeave

onPointerOver

onPointerOut

Please note that these events will only work in browsers that support the Pointer Events specification. (At the time of this writing, this includes the latest versions of Chrome, Firefox, Edge, and Internet Explorer.) If your application depends on pointer events, we recommend using a third-party pointer events polyfill. We have opted not to include such a polyfill in React DOM, to avoid an increase in bundle size.

The main feature of Autoprefixer 8.0 is Browserslist 3.0. In the new version, it brings new default browsers. It will affect you only if you don’t change browsers by .browserslistrc or browserslist key in package.json (we don’t recommend to use browsers option).

In one hand, Browserslist 3.0 usage statistics limit for default browsers was reduced from >1% to >0.5%. In another hand, we remove dead browsers from default browsers. The dead browser is a browser with < than 1% in the global market and who don’t have security updates. Right now IE 10 and BlackBerry browser are dead browsers.

Git is hard: screwing up is easy, and figuring out how to fix your mistakes is fucking impossible. Git documentation has this chicken and egg problem where you can't search for how to get yourself out of a mess, unless you already know the name of the thing you need to know about in order to fix your problem.

So here are some bad situations I've gotten myself into, and how I eventually got myself out of them in plain english*.

Discontinuing Bower Releases

Starting with 16.1.0, we will no longer be publishing new releases on Bower. You can continue using Bower for old releases, or point your Bower configs to the React UMD builds hosted on unpkg that mirror npm releases and will continue to be updated.

All Packages

Fix an accidental extra global variable in the UMD builds. (@gaearon in #10935)

Welcome to the October 2017 release of Visual Studio Code. There are a number of significant updates in this release and we completed several popular outstanding feature requests. We hope you like it and the highlights include:

resolve and instantiate loader pipeline hooks have been added to the ESM lifecycle #15445

zlib:

CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an error to be raised when a raw deflate stream is initialized with windowBits set to 8. On some versions this crashes Node and you cannot recover from it, while on some versions it throws an exception. Node.js will now gracefully set windowBits to 9 replicating the legacy behavior to avoid a DOS vector.

It sure is nice having a whole codebase that is perfectly compliant to a set of code style guidelines. All the files use the same indentation, the same quote style, the same spacing and line-break rules, heck, tiny things like the way zero's in values are handled and how keyframes are named.

It seems like a tall order, but these days, it's easier than ever. It seems to me it's become a two-tool game:

A tool to automatically fix easy-to-fix problems

A tool to warn about harder-to-fix problems

Half the battle: Prettier

Otherwise known as "fix things for me, please".

Best I can tell, Prettier is a fairly new project, only busting onto the scene in January 2017. Now in the last quarter of 2017, it seems like everybody and their sister is using it. They call it an

Apple's iPhone X has a screen that covers the entire face of the phone, save for a "notch" to make space for a camera and other various components. The result is some awkward situations for screen design, like constraining websites to a "safe area" and having white bars on the edges. It's not much of a trick to remove it though, a background-color on the body will do. Or, expand the website the whole area (notch be damned), you can add viewport-fit=cover to your meta viewport tag.

We just pushed ESLint v4.0.0, which is a major release upgrade of ESLint. This release adds some new features and fixes several bugs found in the previous release. This release also has some breaking changes, so please read the following closely.

Highlights

There are several breaking changes in 4.0.0. We’ve created a migration guide to explain the breaking changes and describe how to upgrade.

We migrated our web app to React almost 3 years ago, and since React performs extremely well out of the box, optimizing performance was not something we had to worry about. However, as our application grew in features and complexity over the years, the app’s performance wasn’t keeping up as well as we wanted it to.

We profiled our app with various tools, but the one that was the most useful was the React Perf addon. There are many great resources in that link on how to use the tool, so we won’t go over the details here. We measured the wasted rendering performance of navigating to our most used and most complex page. Here is the output of

This release includes a complete overhaul of jsdom's API for creating and manipulating jsdoms. The new API is meant to be much more intuitive and have better defaults, with complete documentation in the newly-overhauled README. We hope you like it!

As discussed in the new README, the old API is still available and supported via require("jsdom/lib/old-api.js"), at least until we have ported all of its features over to the new API. It will, however, not be gaining any new features, and we suggest you try the new API unless you really need the customizable resource loading the old API provides.

GitHub - IanLunn/Hover: A collection of CSS3 powered hover effects to be applied to links, buttons, logos, SVG, featured images and so on. Easily apply to your own elements, modify or just use for inspiration. Available in CSS, Sass, and LESS.

A collection of CSS3 powered hover effects to be applied to links, buttons, logos, SVG, featured images and so on. Easily apply to your own elements, modify or just use for inspiration. Available in CSS, Sass, and LESS.

Hover.css can be used in a number of ways; either copy and paste the effect you'd like to use in your own stylesheet or reference the stylesheet. Then just add the class name of the effect to the element you'd like it applied to.

If you plan on only using one or several effects, it's better practice to copy and paste an effect into your own stylesheet, so a user doesn't have to download

GitHub - IanLunn/Hover: A collection of CSS3 powered hover effects to be applied to links, buttons, logos, SVG, featured images and so on. Easily apply to your own elements, modify or just use for inspiration. Available in CSS, Sass, and LESS.

A collection of CSS3 powered hover effects to be applied to links, buttons, logos, SVG, featured images and so on. Easily apply to your own elements, modify or just use for inspiration. Available in CSS, Sass, and LESS.

Hover.css can be used in a number of ways; either copy and paste the effect you'd like to use in your own stylesheet or reference the stylesheet. Then just add the class name of the effect to the element you'd like it applied to.

If you plan on only using one or several effects, it's better practice to copy and paste an effect into your own stylesheet, so a user doesn't have to download

Most of the support for this app must go to the original site team and the work they put in to make the platform itself. To support Playcode, who built the platform, feel free to check out their site for more details.

Feel free to help support this unofficial app by submitting issues or bugs so we can resolve and fix them or even feel free to submit pull requests if you have already helped develop a fix for one of the bugs in the app.

Apollo Client 1.0 contains the best features from the 0.x series, and more:

Apollo Client 1.0 will also have a few significant improvements over the 0.x series:

New functions for fine-grained cache reads and writes

A vastly simplified client API with new patterns for returnPartialData, reduxRootKey and resultTransformer and better defaults for queryDeduplication and notifyOnNetworkStatusChange.

fetchPolicy replaces noFetch and forceFetch.

For a successful launch, a lot of things have to be right. We wouldn’t have gotten to where we are today without our amazing community, and we’re counting on you again to make this launch a success. Here are some of the things you can help us with: